﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using TierApplication;
using TierService;


public class Authentication
{
    public Authentication()
    {
        //
        //TODO: 在此处添加构造函数逻辑
        //
    }
    public static string GetUserRole()
    {
        string Role = "";
        if (HttpContext.Current.User != null)
        {
            if (HttpContext.Current.User.Identity.IsAuthenticated)
            {
                if (HttpContext.Current.User.Identity is FormsIdentity)
                {
                    FormsIdentity id =
                    (FormsIdentity)HttpContext.Current.User.Identity;
                    FormsAuthenticationTicket ticket = id.Ticket;
                    // 取存储在票据中的用户数据，在这里其实就是用户的角色 
                    Role = ticket.UserData;
                }
            }
        }
        return Role;
    }
    /// <summary>
    /// 
    /// </summary>
    /// <returns></returns>
    public static bool IsAuthenticated()
    {
        return HttpContext.Current.User.Identity.IsAuthenticated;
    }
    /// <summary>
    /// 
    /// </summary>
    /// <param name="userName"></param>
    /// <param name="password"></param>
    /// <returns></returns>
    public static bool ValidUser(string userName, string password)
    {
        if (!string.IsNullOrEmpty(userName) && !string.IsNullOrEmpty(password))
        {
            P_User _User = new P_User();
            UserInfo info = _User.Login(userName, password);
            //password = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "MD5");
            //string realPassword = Users.GetUser(userName).Password;
            if (info != null)
            {
                SessionHelper.Add("UserInfo", info);

                string userRoles = UserToRole(info.UserId.ToString()); //调用UserToRole方法来获取role字符串
                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
                    info.UserCode.ToString(),
                    DateTime.Now,
                    DateTime.Now.AddMinutes(20),
                    false,
                    userRoles//可以将Roles按","分割成字符串，写入cookie
                    );
                string data = FormsAuthentication.Encrypt(ticket);
                HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, data);
                cookie.Path = FormsAuthentication.FormsCookiePath;
                cookie.Domain = FormsAuthentication.CookieDomain;
                cookie.Expires = ticket.Expiration;
                HttpContext.Current.Response.Cookies.Add(cookie);
                return true;
            }
        }
        return false;
    }
    //此方法用来获得的用户对应的所有的role用逗号分割的一个字符串
    private static string UserToRole(string UserId)
    {
        string Roles = "";
        P_UserRole _UserRole = new P_UserRole();
        List<UserRoleInfo> list = _UserRole.GetUserRole(UserId);
        //相应的代码
        foreach (UserRoleInfo info in list)
        {
            if (Roles == "")
                Roles = info.RoleId;
            else
                Roles = Roles + "," + info.RoleId;
        }
        return Roles;
    }
}

